IETF Logo Mail Archive

Re: [TICTOC] [Ntp] WGLC for draft-ietf-ntp-mac

Matthew Van Gundy <mvangund@cisco.com> Wed, 28 February 2018 22:04 UTC

Return-Path: <mvangund@cisco.com>
X-Original-To: tictoc@ietfa.amsl.com
Delivered-To: tictoc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F312C126D73; Wed, 28 Feb 2018 14:04:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4yxdcGh4X_-c; Wed, 28 Feb 2018 14:04:16 -0800 (PST)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89F6F126CF9; Wed, 28 Feb 2018 14:04:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2325; q=dns/txt; s=iport; t=1519855456; x=1521065056; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=wnA4FThvEQKTXfg3e6OB0wE7C7PUuEeIyI86IqacUOA=; b=HtXGTVliNTZK0Ld7xnzwF03ftkfqF6jmN/WCWFxegtqagicnwD6A80E6 gNAmU7kcK/Gws4mqWCd0bydtx38BkFkJS9jSagWP5FQdZsdjpYDDi8CMm KK5/0m+vWsNGQYMM9NnFU+HBjMsvLfRrJfBunxHKqTntS6NJmUJkAP1mu 4=;
X-Files: signature.asc : 269
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AFAQAWJpda/4ENJK1cGQEBAQEBAQEBAQEBAQcBAQEBAYMfMWZwKI13dIx8ggKBFpQrghUHAxgLhQ0CglZUGAECAQEBAQEBAmsohSMBAQEDAQEBbAsQCw4KCSUPBRM2E4UUCBCuHIhkghYBAQEBAQEBAQEBAQEBAQEBAQEBAR6FI4ENgRqDPYMtgy4BAYdgBY5mi2wJhlCKF48CkVKBLh44gVIzGggbFTqCQwmEb1mMIQEBAQ
X-IronPort-AV: E=Sophos;i="5.47,406,1515456000"; d="asc'?scan'208";a="77025342"
Received: from alln-core-9.cisco.com ([173.36.13.129]) by alln-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Feb 2018 22:04:15 +0000
Received: from elmers.localdomain (elmers.cisco.com [64.100.220.12]) by alln-core-9.cisco.com (8.14.5/8.14.5) with SMTP id w1SM4F52025586; Wed, 28 Feb 2018 22:04:15 GMT
Received: from mvangund-retina.ddns.asig.cisco.com (mvangund-retina.ddns.asig.cisco.com [64.100.220.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by elmers.localdomain (Postfix) with ESMTPS id 3zs8jV62TWzFpdq; Wed, 28 Feb 2018 17:04:14 -0500 (EST)
Date: Wed, 28 Feb 2018 17:04:13 -0500
From: Matthew Van Gundy <mvangund@cisco.com>
To: Daniel Franke <dfoxfranke@gmail.com>
Cc: ntp@ietf.org, "tictoc@ietf.org" <tictoc@ietf.org>
Message-ID: <20180228220413.GJ83301@mvangund-retina.ddns.asig.cisco.com>
References: <CF57EAFE-31F0-4ADD-A209-1802DB6CA643@isoc.org> <20180227230925.GJ33838@mvangund-retina.ddns.asig.cisco.com> <E1er18d-00029p-Li@stenn.ntp.org> <CAJm83bBVoYrYpEe+BHsUiRCzeR+C5Ui3G9MH1myHj8i7=GWU-A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="pFej7zHSL6C5fFIz"
Content-Disposition: inline
In-Reply-To: <CAJm83bBVoYrYpEe+BHsUiRCzeR+C5Ui3G9MH1myHj8i7=GWU-A@mail.gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tictoc/P9L8tFqSbXnxgvTUvgBDfdnBopM>
Subject: Re: [TICTOC] [Ntp] WGLC for draft-ietf-ntp-mac
X-BeenThere: tictoc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Timing over IP Connection and Transfer of Clock BOF <tictoc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tictoc>, <mailto:tictoc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tictoc/>
List-Post: <mailto:tictoc@ietf.org>
List-Help: <mailto:tictoc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tictoc>, <mailto:tictoc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Feb 2018 22:04:18 -0000

Hi Daniel,

On Wed, Feb 28, 2018 at 08:51:30AM -0500, Daniel Franke wrote:
> The block size of AES is 128 bits, regardless of whether a 128- or 256-bit
> key is used, and therefore the output of AES-CMAC is always 128 bits.
> 160-bit digests are already supported by RFC7822, but there's no way to
> make AES-CMAC produce one.

Understood.  Thanks for reminding me that RFC7822 explicitly updates the
acceptable digest sizes to be 4, 20, or 24 octets long (inclusive of
the 4 octet key id).  Given that, should I interpret "the resulting
MAC tag SHOULD be 128 bits long" as, "When using draft-ietf-ntp-mac-03
authentication, the MAC tag must be either 0-bits (Crypto-NAK) or
128-bits (AES-CMAC) long.  Otherwise, see RFC 7822."?

>>> Forgive me if this has been discussed and I missed it.  But, to
>>> improve quantum resistance should the draft recommend AES-256 over
>>> AES-128?  I realize that the RFC 4493 construction specifically uses
>>> AES-128, but is there any barrier to using AES-256?

Do you happen to know the rationale for recommending AES-128 over
AES-256?  It seems like it would be appropriate to default to the more
secure variant since implementations MAY always choose AES-128 as long
as they understand the security implications of doing so.

Thanks,
Matt

> 
> On Feb 28, 2018 7:47 AM, "Harlan Stenn" <stenn@ntp.org> wrote:
> 
> > Most everybody seems to think that 160 bits of digest is all that will
> > ever be needed.
> >
> > I'm perfectly happy making sure longer digests are supported.
> > -- Harlan Stenn <stenn@ntp.org>
> > http://networktimefoundation.org - be a member!
> >
> > _______________________________________________
> > ntp mailing list
> > ntp@ietf.org
> > https://www.ietf.org/mailman/listinfo/ntp
> >

v2.23.0 | Report a Bug | By Email